From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+119058+7686176+12367111@groups.io>
Received: from mail05.groups.io (mail05.groups.io [45.79.224.7])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 35261941BF7
	for <rebecca@openfw.io>; Fri, 17 May 2024 21:09:20 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=eIULGCLwCy3Yn7GCAe94JAAbnPnnktKmnkb39Tjuefo=;
 c=relaxed/simple; d=groups.io;
 h=DKIM-Filter:From:To:Cc:Subject:Date:Message-ID:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding;
 s=20240206; t=1715980159; v=1;
 b=SZrML4+GfAI3+gF4WRpbXsYIqK1Pa33+TrfL6VF0GduVbel3eCv7ZagHHCvNgyMg7fT+P7+3
 vejMwj3YfFXJPLorHo/NzlqNpiiN5FjHagj2z6ndho/6AsborK7tCfeuVti7AmC/4IrtqqUd3eH
 XNlZqYVLKsqf7RAwZJ/xDeEyZJldkjMdpqficiGMwba7AQc3i9FCs12py4ibUhEMCHMYTylXM3G
 exl8iHPapk0Y1JF4XcbQwES3FqajfLVq5tWLhjnYSqfjkKdzoLI8CrbR9r+FdW+hbu8aJ6lK/8v
 5aVMtjbMWVfhgshqhI/fxGD110mYLHsTRjEN2YQtJDWhg==
X-Received: by 127.0.0.2 with SMTP id gYKyYY7687511xlyedQXnRn8; Fri, 17 May 2024 14:09:19 -0700
X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web10.6716.1715980158780778628
 for <devel@edk2.groups.io>;
 Fri, 17 May 2024 14:09:18 -0700
X-Received: from localhost.localdomain (unknown [47.201.241.198])
	by linux.microsoft.com (Postfix) with ESMTPSA id 5552E20B915A;
	Fri, 17 May 2024 14:09:17 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 5552E20B915A
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Bob Feng <bob.c.feng@intel.com>,
	Joey Vagedes <joey.vagedes@gmail.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Rebecca Cran <rebecca@bsdio.com>,
	Sean Brogan <sean.brogan@microsoft.com>,
	Yuwei Chen <yuwei.chen@intel.com>
Subject: [edk2-devel] [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3
Date: Fri, 17 May 2024 17:09:01 -0400
Message-ID: <20240517210902.1510-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Resent-Date: Fri, 17 May 2024 14:09:18 -0700
Resent-From: mikuback@linux.microsoft.com
Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: prRdiGriDTgvZuSYUkvdR9TQx7686176AA=
Content-Transfer-Encoding: quoted-printable
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20240206 header.b=SZrML4+G;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=linux.microsoft.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io

From: Michael Kubacki <michael.kubacki@microsoft.com>

This fixes an issue where the CodeQL queries currently fetched in the
pipeline are incompatible with the current executable used.

Update to pick up functional and security fixes. See the following
comparison for detailed differences:

https://github.com/github/codeql-cli-binaries/compare/v2.16.1...v2.17.3

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Joey Vagedes <joey.vagedes@gmail.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Rebecca Cran <rebecca@bsdio.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Yuwei Chen <yuwei.chen@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
---

Notes:
    This change fixes an immediate compatibility issue between
    the latest queries being pulled and the CodeQL CLI being
    used.
   =20
    A follow up change will attempt to lock queries against a
    compatibile version to prevent queries from pulling ahead
    to incompatible versions in the future.
   =20
    ---
   =20
    This change was tested in edk2 CI:
   =20
    https://github.com/tianocore/edk2/pull/5667

 BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml         | 6 +++---
 BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml   | 6 +++---
 BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml | 6 +++---
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml b/BaseTools/P=
lugin/CodeQL/codeqlcli_ext_dep.yaml
index 5ec56c6bf06f..dbc9c2ba0290 100644
--- a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
+++ b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
@@ -16,9 +16,9 @@
   "scope": "codeql-ext-dep",
   "type": "web",
   "name": "codeql_cli",
-  "source": "https://github.com/github/codeql-cli-binaries/releases/down=
load/v2.16.1/codeql.zip",
-  "version": "2.16.1",
-  "sha256": "86a98f6ebb8fd49efadf367f3275c438669fcb8426962c33415129aad8e=
093e6",
+  "source": "https://github.com/github/codeql-cli-binaries/releases/down=
load/v2.17.3/codeql.zip",
+  "version": "2.17.3",
+  "sha256": "e5ac1d87ab38e405c9af5db234a338b10dffabc98a648903f1664dd2a56=
6dfd5",
   "compression_type": "zip",
   "internal_path": "/codeql/",
   "flags": ["set_shell_var", ],
diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml b/BaseT=
ools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
index 5b4a919f1de4..536322f2b331 100644
--- a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
+++ b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
@@ -14,9 +14,9 @@
   "scope": "codeql-linux-ext-dep",
   "type": "web",
   "name": "codeql_linux_cli",
-  "source": "https://github.com/github/codeql-cli-binaries/releases/down=
load/v2.16.1/codeql-linux64.zip",
-  "version": "2.16.1",
-  "sha256": "40dbb6c0c4064bd14601a02e60c61661fdc0271469f90eb91a2e7d51d4c=
bc171",
+  "source": "https://github.com/github/codeql-cli-binaries/releases/down=
load/v2.17.3/codeql-linux64.zip",
+  "version": "2.17.3",
+  "sha256": "9fba000c4b821534d354bc16821aa066fdb1304446226ea449870e64a8a=
d3c7a",
   "compression_type": "zip",
   "internal_path": "/codeql/",
   "flags": ["set_shell_var", ],
diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml b/Bas=
eTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
index c0c018c9538f..93a81ffd5020 100644
--- a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
+++ b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
@@ -14,9 +14,9 @@
   "scope": "codeql-windows-ext-dep",
   "type": "web",
   "name": "codeql_windows_cli",
-  "source": "https://github.com/github/codeql-cli-binaries/releases/down=
load/v2.16.1/codeql-win64.zip",
-  "version": "2.16.1",
-  "sha256": "9ebe5ea8a7d0a77425428d50d49912319117fccee24ecb62f6219c12584=
f4f28",
+  "source": "https://github.com/github/codeql-cli-binaries/releases/down=
load/v2.17.3/codeql-win64.zip",
+  "version": "2.17.3",
+  "sha256": "4c6fbf2ea2eaf0f47bf0347eacf54c6b9d6bdf7acb6b63e17f9e6f2dd83=
b34e7",
   "compression_type": "zip",
   "internal_path": "/codeql/",
   "flags": ["set_shell_var", ],
--=20
2.45.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119058): https://edk2.groups.io/g/devel/message/119058
Mute This Topic: https://groups.io/mt/106161774/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-